Creative Services, Inc. (CSI) is an expert in handling and protecting sensitive information. As an industry leader in pre-employment screening, CSI is provided with, and provides to others, sensitive personal information. We have established physical, electronic and procedural safeguards to protect this information. All data is collected, stored and used in compliance with federal, state, Safe Harbor/European Union and other international laws regarding background screening and privacy. CSI considers privacy and information security among our highest priorities.

Purpose, Scope and Data Integrity

• CSI collects information for the purpose of performing employment screening and does not sell or rent personally identifiable information to unauthorized parties or disclose it for marketing or other unauthorized purposes.
• Information is obtained from employment applications, credit bureaus, public sources and other informational databases. This information may include but is not limited to: name, address, telephone number, social security number, date of birth, credit information, academic and employment history, and criminal record.
• These information sources are not maintained by CSI, therefor CSI cannot absolutely guarantee that the information from these sources is entirely current or accurate. However, CSI makes every effort to utilize the most reliable informational resources and stringent validation criteria to help insure the information it receives and disseminates is thorough, current and accurate.

Organizational Accountability

• CSI restricts access to personally identifiable information to those CSI employees who require access in order to perform their job responsibilities.
• CSI conducts extensive background screening, which exceeds the requirements of the Nuclear Regulatory Commission (NRC), on all employees with access to sensitive information and all employees must sign non-disclosure and confidentiality agreements as a condition of employment.
• CSI conducts training regarding the lawful and intended purpose of processing sensitive information and the need to maintain the confidentiality of the sensitive information to which CSI employees have access.

Client & Vendor Credentialing and Onward Transfer

• CSI provides employment screening services only to clients with a legitimate permissible purpose and maintains a formal process to identify and credential prospective clients.
• CSI requires clients to execute agreements certifying they will provide disclosure to, and receive consent from, their applicants with regard to performing background investigations, and will use and maintain sensitive information in accordance with applicable laws.
• As necessary to accomplish its screening services, CSI may contract with other vendors to perform specified functions. CSI maintains a formal process to identify and credential prospective vendors and requires approved vendors to execute agreements certifying they will provide the same level of protection as CSI when handling sensitive information, will use and maintain sensitive information in accordance with applicable laws and solely for the purpose of performing the specified services for which they are contracted.

Notice, Consent and Choice

• CSI will not conduct any background investigation without properly executed applicant Disclosure & Acknowledgment and Release & Authorization documents. Execution of these documents constitutes notice and consent to conduct the background investigation.
• If an applicant does not wish to have his/her personal data made available to CSI or its vendors for the purpose of CSI conducting and providing a background investigation to its clients, the applicant may choose not to execute the Disclosure & Acknowledgment and Release & Authorization documents.

Data Protection, Retention and Disposal

• CSI employs physical security measures to protect the perimeter of all buildings and facilities housing sensitive information. Sensitive records are stored in a secured environment, accessible only to those employees and individuals with a legitimate business need.
• Electronic information that is stored or transmitted is encrypted and layered for security by firewall and multi-tiered virus protection, as well as by network servers, network workstations and software applications that are password protected.
• CSI maintains response plans for disaster recovery, emergency action and breach of information that are regularly reviewed, tested and modified as necessary.
• CSI securely retains sensitive information only for time periods as necessary to comply with federal and state laws, to respond to audit requests by clients or other authorized entities, and to fulfill disclosure requests by the subjects of its reports.
• Upon expiration of said time periods, sensitive information is destroyed and disposed of in accordance with federal regulations by methods reasonable and appropriate to prevent unauthorized access.

Access, Dispute Resolution and Enforcement

• CSI will provide access to the background investigation to the subject of the report, upon verification of identity, in accordance with state laws, the Fair Credit Reporting Act (FCRA) and Safe Harbor principles.
• CSI will respond promptly to claims of incorrect or inaccurate information and, in instances of adverse action, adhere to dispute resolution procedures with regard to notification, reinvestigation and adjudication in accordance with the FCRA and the European Union Data Protection Authorities (EU DPAs).

To contact Creative Services, Inc:

Creative Services, Inc.
Corporate Headquarters
64 Pratt Street
Mansfield, MA 02048
Phone: 508-339-5451 x204 / 800-227-0002
Fax: 508-339-2352
Compliance Hotline: 800-536-0093

Nuclear Screening Operations Center
103 A Beaufort Street
P.O. Box 636
Chapin, SC 29036
Phone: 803-345-3993 / 800-605-1307
Fax: 803-345-9186
Compliance Hotline: 800-536-0093

Revised and Effective: January 2007